nerdexam
GIAC

GPEN · Question #145

GPEN Question #145: Real Exam Question with Answer & Explanation

The correct answer is A. Man-in-the-middle. The dsniff tool is commonly used to perform Man-in-the-Middle (MITM) attacks by transparently intercepting and relaying traffic between two parties who are unaware of the interception.

Question

You are using the dsniff tool to intercept communications between two entities and establish credentials with both sides of the connections. These entities do not notice that you were retrieving the information between these two. Which of the following attacks are you performing?

Options

  • AMan-in-the-middle
  • BARP poisoning
  • CSession hijacking
  • DDoS

Explanation

The dsniff tool is commonly used to perform Man-in-the-Middle (MITM) attacks by transparently intercepting and relaying traffic between two parties who are unaware of the interception.

Common mistakes.

  • B. ARP poisoning is a technique used to redirect traffic to enable a MITM attack, but it is a mechanism rather than the attack type described in the scenario.
  • C. Session hijacking involves stealing or forging an authenticated session token to take over an existing session, not establishing two-sided connections to relay data between parties.
  • D. A DoS attack disrupts availability of a service or resource and does not involve intercepting or relaying communications between two entities.

Concept tested. Man-in-the-Middle attack using dsniff

Reference. https://owasp.org/www-community/attacks/Manipulator-in-the-middle_attack

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GPEN Practice
You are using the dsniff tool to intercept communications between... | GPEN Q#145 Answer | NerdExam